Feed

lots of fraud, scam, moneymule domains to blacklist

Posted on February 23rd, 2010 in fastflux,New Domains,Phishing by dglosser

Mostly money-mule, fraud, scam domains added. Also some fast-flux and other malicious domains as well,.

See wikipedia or  f-secure for more information about money mules. Sources include www.malwareurl.com, malc0de.com, and atlas.arbor.net:

70-music .com 3000channelsplus .com
90-music .com alldigitalchannels .com
allmoviesnow .net americanautobargains .com
anti-scamco .net arequipalinda .com
aqaqaqaq .com ares-downloadnow .com
avchecker123 .com aresdownloadnow .com
bear-groupco .ws aresgalaxydownloads .com
bear-groupinc .ws autobargainsnetwork .com
bizelitt .com better-fitness .com
chaujoi .cn bloggingforsuccess .com
djbormand .cn britishsupport .net
dvdxpremium .com citizen-groupco .tw
dvdxultra .com citizen-groupco .ws
e58z .cn citizen-groupsvc .tw
elenailyina .com citizengroupinc .ws
emoore .info classic-groupco .ws
excel-groupco .tw classic-groupsvc .tw
expertbucks .com classicgroupinc .ws
fcrazy .com download .haozip .com
fivejet .com excel-groupinc .tw
fivewjet .com excel-groupinc .ws
fobsl .cn excel-groupsvc .ws
forum .d99q .cn explosioncash .com
fviejet .com file0129 .iwillhavesexygirls .com
gatemx1 .com financial-groupco .tw
gerdas .cz financial-groupco .ws
gethotgames .com financial-groupinc .tw
getpcmovies .com financial-groupsvc .ws
gidrasil .cn firewallprotector .com
goldenmac .cn free-limewire-now .com
greatan .cn getdownloadmovies .com
greenpl .com getlivebasketballtv .com
guardcom getlivefootballtv .com
hadser .cz getlivesoccertv .com
hoploawq .com globalunitrack .com
hotmusicfast .com hypnoticacolectiva .com
i-pspaccess .com imoviedownloads .net
info-bill .com internetdownloadstore .com
isoftwaretv .com kamarilloskukarekas .com
itvdownload .com magicrevenue .com
jioyfu .cz maglavais .ath .cx
jjotqkhqymp .info mahjongmuseum .com
jvoamkvyxv .info market-vision .tw
k-litetk .com market-visioninc .ws
kazz .com maxpaidsurveys .com
khalej .cn measure-groupco .tw
liulanqi .cc measure-groupco .ws
lojasdiko .com measure-groupinc .tw
love2coffee .cn measure-groupinc .ws
mail2book .in medfinanceflow .com
maniyakat .cn miamicaraccessories .com
masterpsp .com millennium-groupco .tw
me-1 .info millennium-groupinc .ws
mevsimevsim .com millennium-groupsvc .tw
moviesforpc .com millennium-groupsvc .ws
moviewiz .net monstersoftware .info
mp3review .biz moviedownloadaccess .com
mypspcenter .com moviedownloadreview .biz
mywarworld .cn moviedownloadsnow .net
nautiqa .com .sg musicplayer-downloads .com
neswbrand .com musicplayercenter .com
nit99 .biz myzunedownload .com
nmalodbp .com netpaidshopping .com
nvbgfy .cz newmovieflicks .com
order-info .com noltvoqmhoce .info
pasder .cz nuris-groupco .tw
pedersii .net nuris-groupco .ws
playtodayss .net nuris-groupinc .tw
proadware .com nuris-groupinc .ws
r7n7 .com patrickcadona .com
rep1030 .co .uk pmxjpigimsdv .info
rep1030 .me .uk qooglesearch .com
rep1031 .co .uk render-groupco .tw
rep1032 .co .uk render-groupco .ws
rep1041 .co .uk render-groupinc .tw
rep1041 .me .uk ricksmusicstore .com
rep1042 .co .uk secure .info-bill .com
rep1042 .me .uk secure .order-info .com
rep1043 .co .uk server .modulo03 .com
rep1043 .me .uk shareazasite .com
ro777 .com success-groupco .tw
rocklamanna .com success-groupco .ws
rolstop .in success-groupinc .tw
safepcav .com success-groupsvc .ws
sowner .info tbxierkoqze .info
sttcounter .cn technotronics .cn
theshipmangroup .com
top4hot .info virus-scannerdot1 .com
udaswy .cz virus-scannerdot2 .com
uijghy .cz virus-scannerdot3 .com
vexmarc .com virus-scannerdot6 .com
vjxzzqobsyz .com winter-smile .com
web-pings .com wordpressquest .com
welovetweet .com wxrzufdrzzn .info
xenonshow .gr xlgjewczfjqx .com
yuferd .cz xpresscanon-yourpc .com
zontrhost .net z130217 .infobox .ru

aurora, zeus, phishing, pushdo,rogue domains to block

Posted on February 19th, 2010 in New Domains,Phishing,rogue antivirus,Trojans,zeus by dglosser

lots of fake antivirus, aurora, zeus, and botnet domains to block. Sources include google.com safebrowsing, threatexpert.com, hosts-file.net and others:

360 .homeunix .com adobefreesoftware .com
888viet .com allstaffdefender .com
adobe-config-s3 .net antimalware-2010 .com
adwarepronow .com flashdownloadv11 .com
alt1 .homelinux .com get-spyware-destroyer .com
ameimx .com getantivirusplusnow .com
amt1 .homelinux .com global-a-security .com
anabolic-pharma .com global-b-security .com
antisgetout .cn global-c-security .com
filoups .info global-d-security .com
fireasseye .com global-z-security .com
freecapch .info google .com .analytics .egilkemecun .com
ftpaccess .cc imgyou1 .yourfreehosting .net
fuckbriankrebs .com inter0virus-scan .com
gink22hok .com inter8virus-scan .com
google .homeuni8 .com internet-free-webgames .com
google .homeunix .com just-protect-pc .info
google .homeunkx .com learnwholesalesecrets .com
guards-pc .com max-antivirus-security11 .com
guardwww .com max-antivirus-security22 .com
kinolinks .com max-antivirus-security4 .com
klalkius .com max-antivirus-security5 .com
lexusbestparts .com max-antivirus-security55 .com
loadpartners .com max-antivirus-security6 .com
max-antivirus-security7 .com
max1antispyware .com max-antivirus-security77 .com
max2antispyware .com max-antivirus-security9 .com
max4antispyware .com microantiviruslive .com
max6antispyware .com navy-antispywarea .com
max7antispyware .com pro-2in1-securityh .com
merin22 .mooo .com registrycleanersreviewed .com
mr-tr0jan .no-ip .biz remote-pc-scannerv .com
mysecurityland .com remote-pc1-scanner .com
new-av-scannera .com scan-and-destroya .com
new-system-guard .in scan-and-destroye .com
newsystem-guard .in scan-and-destroyt .com
nokrizis2 .org scan-and-destroyw .com
oduvanchic .com scan-and-destroyz .com
paymentsafety .net scan4virus-onlinea .com
pcsecurity-soft .com scan4virus-onlined .com
pidersli .net scan4virus-onlinet .com
podgribami .org scan4virus-onlinew .com
protectedfield .in scan4virus-onlinne .com
qbzq16 .com secure-plus-payments .com
remotepaybill .com secure .privatesecuredpayments .com
rescuesysupdate .com security-tool2010 .com
safetyearth .net smart-2-antispyware .com
samsonite-shop .cz smart-3-antispyware .com
scriptwb .com smart-7-antispyware .com
secondome .com smart-8-antispyware .com
securepcav .com smart-9-antispyware .com
sl1 .homelinux .org smartvirus-scan1 .com
smart-av-scan1 .com smartvirus-scan3 .com
smart-av-scan3 .com smartvirus-scan4 .com
smart-av-scan5 .com smartvirus-scan6 .com
smart-av-scan7 .com smartvirus-scan8 .com
smart-av-scan9 .com spyware-max-scan2 .com
smart1antivirus .com spyware-max-scan3 .com
smart2antivirus .com spyware-max-scan5 .com
smart4antivirus .com spyware-max-scan7 .com
spy-detectora .com spyware-max-scan9 .com
spy-detectorc .com spywaredestroyerone .com
spy-detectore .com spywaremaxscan4 .com
spy-detectorf .com spywaremaxscan6 .com
spy-detectork .com spywaremaxscan9 .com
spy-sheriff .tk spywareremovalguides .com
spywaremaxscan1 .com stop-virus-server .com
spywaremaxscan3 .com super1antispyware .com
tax .state-nm .com super4antispyware .com
tax .state-ok .com super6antispyware .com
torrentabuser .com super7antispyware .com
tyuqwer .dyndns .org update .ourhobby .com
vasd .info virus-detectora .com
vinefirebot .com virus-detectorc .com
voanews .ath .cx virus-detectord .com
warezaccess .com virus-detectorj .com
webswan .33iqst .com virus-detectort .com
windef2010 .com win6best-scanner .com
winxp7server .com windowsaltserver .com
ymail .ath .cx

The malware block lists here are provided for free for noncommercial use as part of the fight against malware. Please help to keep this site free! Donate whatever you can, all donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available. Full acknowledgement, an icon, and link back to your site will be placed in the left sidebar.

Domains.txt file is the complete list along with original reference.
New: Justdomains contains list of only the domain names.
Updates are located at http://www.malwaredomains.com/updates or one of the mirrors
The full files are located at: http://www.malwaredomains.com/files or one of the mirrors
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.

Also Available in AdBlock, ISA, and MaraDNS formats.
Now a trusted source on the WOT-the Web of Trust!

Used by SURBL, MOREnet, and others…

100 New Domains

Posted on February 16th, 2010 in New Domains,Phishing by dglosser

Sources: www.malwaredomainlist.com, malwareint.com, abuse.ch and more:

24jd .co .cc accountlogin .saouar-ncsoft .com
384756783900 .cn ads .honestjohn .co .uk
67gr .co .tv advs .rach .com .sg
6ccc .ru antispywarecomp .com
77gr .co .tv antispywarefordummies .com
783456788839 .cn antivirus-live-one .com
aau .bij .pl antivirus-scan-wizarda .com
apsight .ru antivirus-scan-wizardc .com
arber .us antivirus-scan-wizardd .com
avalaz .info antivirus-scan-wizarde .com
bahoy .net antivirus-scan-wizardf .com
banconsol .com antivirus-wizard-d5 .com
bbcnewss .avh .cx antivirus-wizard-e6 .com
bet-portal .com antivirus2010pro .com
brainzzz .net antiviruswizard .org
camforuss .com aop1 .homelinux .com
cddvdwriter .com app1 .homelinux .com
cefincf .com archive .zinnko .be
cement-bag .com av-online-scan .org
comicscaner .cn banginbeckyblog .com
csjbo .info betgrandslam .com
driverpro .org blackhatcodebreaker .com
dsfad .in brutapukamuk .com
e-mule-it .com buy-internetsecurity .com
ecoolwatch .com clickgooglo .com
emule-it .com cnyijiaying .com .cn
farmeset .com compuguard .info
ffsvrs .com connectproxy .3322 .org
frameste .com contentcleaner .com
fraudgedt .com core2687 .downloadarchivex .com
freebest4 .info cp332308 .cpanel .tech-logol .ru
frudget .com downloadserialcrack .com
geewong .org facilsex .com .ar
gotworse .cn for-sunny-smile .com
horosta .ru forhappysex .com
jtmqypcgt .info good-spyware .com
klaikius .com google-analytics .su
kripw .com huliganseres .net
pes2009 .biz inlakehouse .com
raudget .com lehmanbrotherbankruptcy .com
repek .or .kr letitbit .zinnko .pl
securixp .com microsoft-windows-security .com
sjfdhw395t .com mynes-consultings .cn
sneakyboy .com nazarethimaging .com
sulikavan .us protectedsystem .in
textsex .biz protective-program .com
topdns241 .com securityantivirus .com
vinodelam .net useclean-atyour-sys .in
webnomoney .com winxpupdate .org
xx4b83603e .ru zanosi-bablo .com

Blackhole DNS Update – rogues, trojans, fastflux domains

Posted on January 21st, 2010 in New Domains,Phishing,Trojans by dglosser

rogues, trojans, zbot domains and more to add to your malware blocklist of malware sinkhole:

1vgtpp .eu
53kkk1 .info
67pp .com
abc-pl .com
adbrite-com .1e100 .net .petardas-com .carswebnet .ru
adcounters .net
adult-tube-free .com
adult-tube-free .net
agfasdasdf .freehostia .com
amazon-de .kinopoisk .ru .marketwatch-com .thechocolateweb .ru
analiticmondo .in
andige .net
antispywareonlinel1 .com
atthisstage .com
bild-de .zedge .net .qip-ru .thelaceweb .ru
bizuklux .cn
blackberry-com .indianrail .gov .in .aufeminin-com .thechocolateweb .ru
boolred .in
cgigfahccun .com
clean-your-pca1 .com
clean-your-pca2 .com
clean-your-pcb1 .com
clean-your-pcb2 .com
clean-your-pcc1 .com
clean-your-pcd1 .com
clean-your-pcd2 .com
clean-your-pce2 .com
clean-your-pcr1 .com
clicksor-com .eastmoney .com .mobile-de .homesaleplus .ru
cnzz-com .play .com .detik-com .thechocolateweb .ru
confeop .com
deadlockedpics .com
dell-com .xanga .com .bild-de .worldwebworld .ru
dict-cc .plentyoffish .com .way2sms-com .webdesktopnet .ru
discoverany .cn
doctissimo-fr .news .com .au .accuweather-com .worldwebworld .ru
download-free-files .com
download-free-files .net
eicyxtaecun .com
eliteproctologyforyourass .biz
elmundo-es .gazzetta .it .careerbuilder-com .funwebmail .ru
elnasa .ru
empflix-com .nfl .com .filefactory-com .carswebnet .ru
engadget-com .adult-empire .com .chinaz-com .worldwebworld .ru
enlightenedver .com
freeantyspysoftwarepill .com
freeantyviruspillonline .com
freeantyviruspills .com
freeantyviruspillsite .com
freeantyviruspillstore .com
0891e .com .cn
greatpeopleoftheworld .com
guidebat .ru
gwsdwxae .cn
healing-tao .pl
hoopchina-com .it168 .com .drudgereport-com .thechocolateweb .ru
host127-0-0-1 .com
ibm-com .lowes .com .wowarmory-com .worldwebworld .ru
iciba-com .orbitz .com .mainichi-jp .worldwebworld .ru
icio-us .google .ro .musica-com .thelaceweb .ru
ijgfshjuno .net
inet-antivir11 .com
inet-antivir12 .com
inet-antivir21 .com
inet-antivir22 .com
inet-antivir26 .com
internet-antivir022 .com
internet-antivir033 .com
internet-antivir044 .com
internet-guard .net
introstep .biz
irctc-co-in .rapidshare .com .skyrock-com .thechocolateweb .ru
ishndor .org
iwantr8 .ru
jk35css .cn
johnsite .ru
kill-spywarem2 .com
kill-spywarem7 .com
kit .mastacash .com
kizliar1 .com
kukusiki .com
lagworld .ru
lastcodone .com
lastping .com
linezing-com .thepiratebay .org .gazeta-pl .thechocolateweb .ru
lucknets .com
mail-ru .gamefaqs .com .aweber-com .thechocolateweb .ru
manbest .ru
mettgroup .com
mezdunar3net .com
mihanblog-com .google .ae .google-gr .thechocolateweb .ru
miniclip-com .t-mobile .com .yourfilehost-com .thechocolateweb .ru
mobile-an-ty-spyware-pill .com
movieinfobank .com
mtv-com .citibank .com .gutefrage-net .webdesktopnet .ru
mydailymail .cn
myfreeantyviruspill .com
mysecretinfo .com
newfreeantyviruspill .com
nextpics .org
nikkei-co-jp .gamefaqs .com .clickbank-com .carswebnet .ru
nowdownloadall-com .costco .com .travelocity-com .thelaceweb .ru
ohyeah213 .com
ok87ii .ne .kr
oki8uuo .ne .kr
oki8uuq .co .kr
oki8uuq .kr
oki8uuq .or .kr
oki8uuu .co .kr
oki8uuu .kr
oki8uuu .ne .kr
oki8uuu .or .kr
oki8uuw .kr
online-antispyi1 .com
online-antispyi2 .com
online-antispyi5 .com
online-antispym1 .com
online-spyware-scanl8 .com
onlineantispywareremo .com
onlineantivirusr4 .com
open-an-ty-spyware-pill .com
overstock-com .gamefaqs .com .nu-nl .thechocolateweb .ru
pantherpicso .com
pilonoc .cn
pornbb-org .sourceforge .net .ime-nu .halfsite .ru
pozeml .com
progressiveol .org
qcfhgajqcun .com
quartertin .info
radikal-ru .nydailynews .com .tianya-cn .greatwebradio .ru
rainerfox .narod .ru
razved .org
sexyshowvideo .info
shells4you .net
shinobi-jp .excite .co .jp .nfl-com .thelaceweb .ru
softlayer-com .capitalone .com .google-co-th .viewhomesale .ru
soprocms .com
sponsorads-de .58 .com .abc-go-com .thelaceweb .ru
spy-scanneri07 .com
spyware-remover071 .com
stallvars-1 .com
stc-com-sa .chip .de .badoo-com .viewhomesale .ru
steuerberatung-sachsen .de
stop-virus-4 .com
stop-virus-6 .com
stopspaming .com
sunshinesrose .com
supergh0st .in
sysdefenders .com
telkiiporno .ru
tempoktv .com .tw
testing3 .fileave .com
tg .01lm .com
thefreeantyviruspill .com
themobisite .ru
thetraf .net
thewarriorgroup .com
trojan-scanner01 .com
trojanscan04 .com
trojanscan08 .com
ujjiks .im
undershotpics .com
us .kyod .biz

usuarios .arnet .com .ar
vbftppp2 .co .uk
vbftppp3 .co .uk
vbftppp4 .co .uk
vcsltp .com
vsdflpttt .co .uk
vsdflpttt .com
webvirusscanner33 .com
who-let-block .com
zmmoscow .com

Block ueopen .com ASAP

Posted on November 18th, 2009 in 0day,New Domains,spam by dglosser

Block the domain ueopen .com ASAP.

From  http://www.fbi.gov/cyberinvest/escams.htm (spaces added to malicious domain):

The FBI assesses with high confidence that hackers are using spear phishing e-mails with malicious payloads to exploit U.S. law firms and public relations firms….   The specific intrusion vector used against the firms is a spear phishing or targeted socially engineered e-mail designed to compromise a network by bypassing technological network defenses and exploiting the person at the keyboard. Hackers exploit the ability of end users to launch the malicious payloads from within the network by attaching a file to the message or including a link to the domain housing the file and enticing users to click the attachment or link….

Once executed, the malicious payload will attempt to download and execute the file ‘srhost.exe’ from the domain ‘hxxp://d. ueopen.com’; e.g. hxxp://d. ueopen.com/srhost.exe. Any traffic associated with ‘ueopen.com’ should be considered as an indication of an existing network compromise and addressed appropriately.

Domain will be added on the next update but you should not wait….

Rogue domains, phish domains, scareware domains added

Posted on November 17th, 2009 in New Domains,Phishing,rogue antivirus by dglosser

Sources include www.tech-linkblog.com, blackip.ustc.edu.cn:

123123k .cn 1protectthispc .com
17xmm .info acha .org .fffazsf .org .uk
1job1 .cn activesecuritycard .cn
4-computer .com activesecuritycodes .cn
51she .info activesecuritytool .cn
58sese .com activesecurityzones .cn
592lv .cn altmaforbetchrono00000 .info
61wg .com altmaforbetchrono00000 .net
91rpp .com antispycenter .com
97feihu .com anti-spyware24 .com
abdata1 .com anti-spywarecenter .com
antiaid .com anti-spywarenet .com
antivirusj .com antispywaretop .com
antivirusm .com antispyworldwide .com
antivirusn .com antivaprof2009 .com
bebiland .com antiviraprof2009 .com
bobo555 .net aproximosstyle0112 .info
bookheads .cn automaticauto .ro
darkpieces .com bestantispysoft .com
davtraff .com bestvirusidentify .com
eeejssad .co .uk blockdefender .com
eeejssad .me .uk brasilive .vai .la
eeejssad .org .uk fastzonescannow .com
eeejssaf .co .uk fast-zonescannow .com
eeejssaf .me .uk fastzone-scannow .com
eeejssaf .org .uk fastzonescan-now .com
eeejssah .co .uk fastzonescannow .net
eeejssah .me .uk fast-zonescannow .net
eeejssah .org .uk fastzone-scannow .net
eeejssaw .me .uk friendfinder .com
eeejssaw .org .uk green-av-2010-pro .com
ggv .nna .cc guidetosecurity3 .com
gobarscan .com howtoprotect1 .com
hcardoso .com kill-virusd .com
kavymsu .cn learnherenow .com
kerleymira .com malicious-sites .com
kill-virusb .com marketingtechnologymaven .com
kill-virusc .com onlinegazik .name
kiniop .cn pcdoctor2010 .com
neeeaza .co .uk pcprotect2009 .com
neeeaza .me .uk pc-safe2009 .com
neeeaza .org .uk pcsafety2009 .com
neeeazd .co .uk pcsafetyonline .com
neeeazd .me .uk seekprotection2009 .com
neeeazd .org .uk slides .whyza .net
neeeazg .co .uk socks5servise .cn
neeeazg .me .uk spydetect2009 .com
neeeazg .org .uk spywaredetector24 .com
neeeazh .co .uk spyware-list .com
neeeazh .me .uk superactivesecurity .cn
neeeazh .org .uk systemwarrior .com
neeeazk .co .uk usadospa .com .br
neeeazk .me .uk useractivesecurity .cn
neeeazk .org .uk viruseliminater2009 .com
nutua .com virusidentifycenter .com
pvcox .biz virus-pcscan2 .com
rainbowlike .cn vpk .freehostia .com
scannerg .com webantispysoft .com
scannerh .com webanti-spyware .com
scannerr .com webpcdoctor .com
secure-me0 .com webpcprotect .com
sidlife .com webspydetect .com
trollgold .info windowsenterprisesuite .com
uffertyew .cn windows-scan01 .com
uyerfbvo .cn windows-scan06 .com
win-scan0 .com windows-scan07 .com
win-scan02 .com windows-scan09 .com
win-scan05 .com windows-scan12 .com
win-scan07 .com winscanner01 .com
win-scan09 .com winscanner13 .com
xin9999 .com

The malware blocklists here are provided for free for noncommercial use as part of the fight against malware.

However, it i’s time to pay hosting costs once again….

Please help to keep this site free! Donate whatever you can,  all donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available.  Full acknowledgement, an icon, and link back to your site will be placed in the left sidebar.


Read this page if you want to report a false positive.

Domains.txt file is the complete list along with original reference.
New: Justdomains contains list of only the domain names.
Updates are located at http://www.malwaredomains.com/updates.
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats.
Now a trusted source on the WOT-the Web of Trust!

Used by SURBL, MOREnet, and others…

botnet, phishing domains

Posted on November 6th, 2009 in New Domains,Phishing by dglosser

Sources include blog.fireeye.com, ww.rbl.jp, malwaredomainlist.com, and others:

asqwazr .eu admzjyda .biz
aviso .ci ajzplrakzui .org
devline .se alfaharpun .org
dilokqm .eu antivirusk .com
eiye1ua .eu beztakrezt .info
eiye1uc .eu billibonskanzas .com
eiye1ue .eu blagoinc .info
eiye1uf .eu bombermans .cn
eiye1ug .eu cdarwash .com
eiye1ur .eu cristymisty .info
eiye1us .eu foodcaters .info
eiye1ut .eu fouineur .net
eiye1uv .eu galileoboots .info
enzyman .com geld-bonis .de
ersd12wb .eu global-certificates .net
ersd12wc .eu gondolfrazrv3 .com
ersd12wg .eu greatpunnett .com
ersd12wh .eu gretdinner .com
ersd12wj .eu grezasadaf .info
ersd12wk .eu hakasimq .info
ersd12wl .eu hotopikalar .info
ersd12wm .eu iztep14mrkde .info
ersd12wo .eu jabrastatic .inf0
ersd12wv .eu jamfzuyqyra .com
ersd12wy .eu jopiterazania .net
fasazab .eu kabinaout .net
fasazad .eu kampfish .com
fasazae .eu lakpfish .com
fasazaf .eu lovingliferetreats .com
fasazag .eu malwardetect .com
fasazam .eu mazerattikrak .info
fasazav .eu metrobrokerage .com
foxyfis .com mibbbad .co .uk
heratsb .eu mibbbad .me .uk
heratsd .eu mibbbad .org .uk
heratsf .eu mibbbah .co .uk
heratsg .eu mibbbah .me .uk
heratsh .eu mibbbah .org .uk
heratsk .eu mibbbal .co .uk
heratsl .eu mibbbal .me .uk
heratsm .eu micralokp .biz
heratsn .eu milfifezaboq .org
heratso .eu miraklegroup .info
heratsq .eu mirexint .biz
heratsr .eu mkzyajiujoiq .info
heratss .eu nayzielzp .biz
heratst .eu olampfish .com
heratsy .eu pilimerkazana .biz
herrazzd .eu poelzmdayl .com
herrazzh .eu raffaellopaolino .net
herrazzj .eu resonabhuy .kz
herrazzo .eu saxzask .co .uk
herrazzr .eu saxzask .me .uk
herrazzy .eu saxzask .org .uk
ibbaswze .eu saxzasl .co .uk
ioooliob .eu saxzasl .me .uk
iooolioc .eu saxzasl .org .uk
iooolioe .eu saxzasv .co .uk
ioooliog .eu saxzasv .me .uk
iooolioq .eu saxzasv .org .uk
iooolior .eu saxzasy .co .uk
iooolios .eu sazzawf .co .uk
ioooliot .eu sazzawf .me .uk
ioooliov .eu sazzawk .co .uk
ioooliox .eu sazzawk .me .uk
iooolioy .eu sazzawl .co .uk
judlife .com shieldsafeness .com
kuport .com skiloper .net
lef1asza .eu smallcyclades .com
lefassza .eu softbarrier .com
lefaszan .eu softstronghold .com
lefaszav .eu spirina .by .ru
lefaszxa .eu spywarescani .com
lefawsza .eu syrus .x10hosting .com
lllujiob .eu tb-media-shop .de
lllujioc .eu ujtqwaq1 .co .uk
lllujiod .eu ujtqwaq1 .me .uk
lllujiof .eu ujtqwaq1 .org .uk
lllujiog .eu ujtqwaqb .co .uk
lllujioh .eu ujtqwaqb .me .uk
lllujioi .eu ujtqwaqb .org .uk
lllujioj .eu ujtqwaqk .co .uk
lllujion .eu ujtqwaqk .me .uk
lllujiot .eu ujtqwaqk .org .uk
lllujiov .eu ujtqwaqm .co .uk
lllujiox .eu ujtqwaqm .org .uk
lllujioy .eu ujtqwaqo .co .uk
lllujioz .eu ujtqwaqo .eu
oooeasef .eu ujtqwaqo .me .uk
oooeaseg .eu ujtqwaqo .org .uk
poresawe .eu upoyansa .com
poresawg .eu uuuutyre .eu
poresawq .eu uuuutyri .eu
poresawu .eu uuuutyro .eu
poresawv .eu uuuutyrp .eu
poresawx .eu uuuutyrr .eu
qqqqasc .eu uuuutyrt .eu
qqqqasf .eu uuuutyrv .eu
qqqqash .eu uuuutyrw .eu
qqqqasj .eu uuuutyry .eu
qqqqask .eu verissimocafe .kz
qqqqasl .eu virusproktect .com
qqqqaso .eu vunkonf .com
qqqqasr .eu wikirocksa .info
qqqqasy .eu wpolemon .com
sazzawf .eu xdl .nyist .net
ttteraa .eu xxxasqwe .eu
ttterab .eu xxxasqwp .eu
ttterac .eu xxxasqwz .eu
ttterad .eu yankdream .info
ttterae .eu yesterdays-party .com
ttteraf .eu yokserezantia .net
ttterag .eu yopilazankaza .net
ttteran .eu you-blocked-me-now-suffer .com
ttteraq .eu yourwaybaskets .com
ttteras .eu you-were-nervous .com
ttterat .eu you-were-not-like-that .com
ttterav .eu ytypein .com
ttterax .eu yyyaszai .eu
ttteraz .eu yyyaszal .eu
typekn .com yyyaszao .eu
typirew .org yyyaszap .eu
tytpein .com yyyaszaq .eu
uikkl .info yyyaszar .eu
ujtqwaq1 .eu yyyaszau .eu
ujtqwaqb .eu zaaaasaa .eu
ujtqwaqk .eu zavaretalies .com
ujtqwaqm .eu zmcby6vg .biz

240+ zeus, phishing, malicious domains

Posted on November 3rd, 2009 in New Domains,Phishing,zeus by dglosser

Over 240 zeus, phishing, harmful domains added. Sources include ddanchev.blogspot.com, antiphishing.reasonables.com, zeustracker.abuse.ch:

22ger .cn ogurchik .cn
33hrf .cn podzemje .cn
iark .net tj1fiil .com
judns .net tj1fiil .net
lnxwy .com woonhae .com
ololii .eu yy1azsva .eu
ololiw .eu yy1azsvq .eu
ololiy .eu yy1azsvz .eu
ololiz .eu yyy1asvf .eu
ukliit .cn yyy1azsy .eu
yh1qab .eu yyy1azvg .eu
yh1qak .eu yyy1zsve .eu
yh1qal .eu bichalina .cn
yh1qao .eu buzizoo2 .com
yh1qaz .eu gerrahawa .eu
6arada .net gerrahowa .eu
dilokqv .eu gerrakawa .eu
gld111b .ws gerrakowa .eu
h1erfae .eu gerralowa .eu
h1erfai .eu gerraoowa .eu
h1erfaj .eu gerrasasa .eu
h1erfaq .eu gerrasase .eu
h1erfar .eu gerrasasq .eu
h1erfat .eu greenhead .cn
h1erfau .eu hulasoftz .cn
h1erfaw .eu immikiut1 .cz
h1erfay .eu keysiolo .net
hewj .co .cc ll7ll .com .es
ij1tli .net longulen .net
j1t1iil .eu nyuy12qwf .eu
lj1tli .com nyuy12qwg .eu
lj1tli .net nyuy12qws .eu
lj1tll .com ololii .co .uk
lj1tll .net ololiw .co .uk
ltlil1 .com ololiy .co .uk
ltlil1 .net ololiz .co .uk
milki1a .co rrref1aaz .eu
milki1a .me rrref1akz .eu
milki1e .me rrref1ykz .eu
milki1g .me rrrefjokz .eu
milki1i .co thecowrd .com
milki1l .co tuttakto .com
milki1y .me yandex .co .cc
n111sae .eu yh1qab .me .uk
n111sak .eu yh1qak .co .uk
n111sap .eu yh1qak .me .uk
n111say .eu yh1qal .co .uk
n111saz .eu yh1qao .co .uk
nniuji1 .eu yh1qao .me .uk
nniujih .eu yh1qaz .me .uk
nniujo1 .eu bbttyak .co .uk
nniukif .eu bbttyam .co .uk
nniukih .eu bbttyam .me .uk
nniukik .eu bbttyap .co .uk
nniukiw .eu bbttyap .me .uk
nniukiz .eu bbttyaz .co .uk
nniuxih .eu bbttyaz .me .uk
nniuxiw .eu bubenchik .net
pouikib .eu megicpatt .com
pouikic .eu tt1qwaq .co .uk
pouikie .eu tt1qwaq .me .uk
pouikif .eu tt1qwar .co .uk
pouikig .eu tt1qwar .me .uk
pouikir .eu tt1qwat .co .uk
pouikis .eu tt1qwat .me .uk
pouikit .eu tygerah .co .uk
pouikiv .eu tygerak .co .uk
pouikiw .eu tygeraw .co .uk
pouikix .eu tygeraz .co .uk
pouikiy .eu armadaneo .info
rodjer .com bbttyak .org .uk
saaasak .eu easder1g .co .uk
saaasav .eu easder1l .co .uk
tj1fiil .tc easder1m .co .uk
tt1qwa1 .eu fluousness .net
tt1qwa1 .me limon4ik .co .cc
tt1qwae .eu mailzippo .info
tt1qwae .me nytre4rt .co .uk
tt1qwaq .eu nytre4ru .co .uk
tt1qwar .eu qwecvgfjk .info
tt1qwat .eu yag0yag0 .co .cc
tygerah .eu yhaqwe1a .co .uk
tygerak .eu yhaqwe1q .co .uk
tygeraw .eu yhaqwe1r .co .uk
ujihkei .eu yhaqwi1g .co .uk
ujihkni .eu yhaqwi1h .co .uk
ujihkui .eu yhaqwi1l .co .uk
bbbboom .com yhaqwi1m .co .uk
edilokqf .eu yhaqwi1p .co .uk
edilokqi .eu dietcoaches .com
edilokqm .eu dontstop185 .net
edilokqn .eu fut763jrs4l .com
edilokqr .eu happykinder .org
edilokqs .eu mateoarriba .com
edilokqu .eu nyuy12qwa .co .uk
edilokqx .eu nyuy12qwf .co .uk
filatok .com nyuy12qwg .co .uk
heiiikok .eu nyuy12qws .co .uk
heiiikoy .eu nyuy12qwz .co .uk
heiiikul .eu redstars .ax3 .net
heiiikum .eu subaruservice .cn
heiiikuv .eu wildbunchwtf .com
heiiikuy .eu yhhherasde .co .uk
i1st .net .cn yhhherasdp .co .uk
idllsit .com yhhheraski .co .uk
j1t1iil .com newmoon-movie .net
j1t1iil .net ontvertenchio .org
nyuh1awa .eu probrosikanet .org
nyuh1awb .eu yhhheraskog .co .uk
nyuh1awc .eu yhhheraskol .co .uk
nyuh1awd .eu yhhheraskoy .co .uk
nyuh1awe .eu 00002009 .zapto .org
nyuh1awf .eu yourskinonline .com
nyuh1awg .eu zzzz .ellmada .co .cc
nyuh1awh .eu kripakripchampion .ru
nyuh1awm .eu windows-update210 .com
nyuh1awn .eu agoravai11 .tempsite .ws
nyuh1aws .eu streammediastorage .com
nyuh1awt .eu ushenkohuivolosatiy .ru
nyuh1awv .eu opengl17 .freehostia .com
nyuh1awx .eu sisters-try-strapon .com
nyuh1awz .eu

The blocklists here are provided for free as part of the fight against malware.

However, it i’s time to pay hosting costs once again….

Please help to keep this site free!  Donate whatever you can,  all donations go to hosting and infrastructure costs.

Also, yearly sponsorships are available.  Full acknowledgement, an icon, and link back to your site will be placed in the left sidebar.


Read this page if you want to report a false positive.

Domains.txt file is the complete list along with original reference.
New: Justdomains contains list of only the domain names.
Updates are located at http://www.malwaredomains.com/updates.
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats.
Now a trusted source on the WOT-the Web of Trust!

Used by SURBL, MOREnet, and others…

Over 325 zeus, malspam, phishing, zeus domains added

Posted on October 17th, 2009 in New Domains,Phishing,spam by dglosser

Over 325 new domains added – no many to list.  We usually don’t add spam or phishing domains due to their sheer number but this is an exception.

Check the http://www.malwaredomains.com/updates/20091017.txt file for the full list.

Update your blocklists ASAP!

zeus domains, phishing domains, fraud domains

Posted on September 27th, 2009 in New Domains,Phishing,zeus by dglosser

zeus, fraud,phishing domains to block:

753123 .cn 9049629062 .com
aaic .ru advancement-statekos .cn
aaig .ru a-ha-group .com
aaiv .ru american-avto .net
aclc .ru americanliit .cn
alwaysky .cn aol-update-installer .cn
avrev .info askthegoalkeeper .com
besher .net assdazzxcad .cn
bet7bet .cn bigamadillo .ru
comp-sp .ru bigfreepussy .net
cz8 .ru blghacks .com
deropen .com careyzfunz .com
dibosh .cn cecilzfunz .com
djhbzsv .cn clearrecords .ru
docplus .ru closerprups .com
drbach .pl countrystar .ru
ef2tr .cn deluz666 .info
esenins .cn dirvsdl .co .kr
groov .biz eremenko .biz
harflash .cn euroassistant .eu
i11ate .eu fairydata .cn
i11bte .eu fedas1aa .com
i11ete .eu fedas1ab .com
i11hte .eu fedas1ac .com
i11ite .eu fedas1ad .com
i11mte .eu fedas1ae .com
i11nte .eu fedas1af .com
i11ote .eu fedas1ag .com
i11pte .eu fedas1ah .com
i11rte .eu fedas1ai .com
i11tte .eu fedas1aj .com
i11ute .eu fedas1ak .com
i11wte .eu fedas1al .com
i11xte .eu fedas1am .com
i11zte .eu fedas1an .com
ianndex .com fedas1ao .com
jacarise .it fedas1ap .com
jaha1ws .eu fedas1aq .com
jbha1ws .eu fedas1ar .com
jdha1ws .eu fedas1as .com
jgha1ws .eu fedas1at .com
jjha1ws .eu fedas1au .com
jkha1ws .eu fedas1av .com
jmha1ws .eu fedas1aw .com
jnha1ws .eu fedas1ax .com
jpha1ws .eu fedas1ay .com
jqha1ws .eu fedas1az .com
jrha1ws .eu ghostusers .info
jtha1ws .eu goldbrick .cn
juha1ws .eu goodsovclass .com
juhh1we .com gorodsnov .cn
juhh1wf .com groovemusics .net
juhh1wg .com guild .hut .ru
juhh1wh .com hellzoness .ru
juhh1wj .com homyak777 .cn
juhh1wn .com hostz-150909 .com
juhh1wp .com inviagra .com
juhh1wq .com kanabiolka .net
juhh1wr .com ks357429 .kimsufi .com
juhh1wt .com ledyzpizdik .cn
jvha1ws .eu magicpincer .com
jwha1ws .eu mbtransfer .com
kanever .com my-honey-pet .in
kid1hx .eu nescafelayout .coms
limon4ik .cn noabuseplease .cn
loadir .net nonprobs .com
megobill .cn option-1 .org
mylfix4 .cn p0rt3m .bplaced .net
naifos .biz p0rt3m1337 .bplaced .net
nerinsk .com palmainfo .com
nwac .ru poolballset .com
onivgope .cn posledniy .cn
onulor .cn predposledniy .cn
otdel-k .cn rdr20090924 .info
pm13 .ru richalina .cn
pobedaim .cn robotbobot .cn
proxy5my .cn scanmequick .com
pvdiz .biz sdf388fsh6767fsbb4ba7 .com
pvsex .biz seo-fraud .ru
ripway .com smart-phone-reviews .com
sattor .cn softinfosite .com
sir-t .cn sureameritradex .com
sl111 .net technigoyous .net
sscanner .ru theblogwebsite .com
uh1asu .eu timezero .freehostia .com
v-bonus .ru tissot333 .cn
viphack .ru traffic4stats .cn
vivabot .com updateload .info
vstdrrr .mn updateslive .net
vstdrrr .us uscguard .com
wh0rse .net vadik .jino .ru
wipex .org vampizdecvsemnax .net
wwooww .org videowalha .co .uk
wwwcfg .com wapdodoit .ru
xepace .cn woocasino .com
y11dera .com worldofshore .cn
y11derb .com wwwaaa101 .com
y11derc .com wwwbypost .com
y11derd .com wwwipnot .com
y11dere .com xoxo .slavhosthosting .ru
y11derf .com y11derq .com
y11derg .com y11derr .com
y11derh .com y11ders .com
y11deri .com y11dert .com
y11derj .com y11deru .com
y11derk .com y11derv .com
y11derl .com y11derw .com
y11derm .com y11derx .com
y11dern .com y11dery .com
y11dero .com y11derz .com
y11derp .com ybsportcn .ws
yomobi .ru youloads .ru
zother .net yourhsc .jino .ru

Read this page if you want to report a false positive.
Domains.txt file is the complete list along with original reference.
New: Justdomains contains list of only the domain names.
Updates are located at http://www.malwaredomains.com/updates.
The full files are located at: http://www.malwaredomains.com/files
BOOT file is in MS DNS format. spywaredomains.zones file is in BIND format.
Also Available in AdBlock, ISA, and MaraDNS formats.
Now a trusted source on the WOT-the Web of Trust!
Used by SURBL, MOREnet, and others…